Tag: russia
-
Void Botnet Leverages Ethereum for Resilient C2
A newly identified botnet, named Void, is leveraging Ethereum smart contracts to build a resilient, hard-to-disrupt command-and-control (C2) infrastructure, marking a continued evolution in blockchain-enabled cybercrime. Discovered in March 2026 and advertised on a Russian-language cybercrime forum, Void Botnet follows closely behind the earlier Aeternum C2 campaign documented by Qrator Labs, but introduces notable differences…
-
Banned Nvidia AI Chips Keep Reaching China Despite US Crackdown
US export-control cases show how Nvidia chips and other restricted tech are allegedly diverted to China and Russia through shell firms and intermediaries. The post Banned Nvidia AI Chips Keep Reaching China Despite US Crackdown appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-nvidia-ai-chip-smuggling-export-controls-apac/
-
Paper Werewolf APT Spreads EchoGather RAT via Fake Adobe Installer
A sophisticated Russian-language threat cluster known asPaper Werewolf(also tracked as GOFFEE) has launched a fresh wave of targeted cyberattacks against Russian industrial, financial, and transport organizations between March and April 2026. The attack begins with a phishing email carrying a PDF attachment. Embedded inside the PDF is a URL pointing to a ZIP archive named…
-
Russian APT Turla builds long-term access tool with Kazuar Botnet evolution
Russia-linked APT group Turla turned its Kazuar malware into a stealthy P2P botnet for long-term access to compromised systems. Russia-linked APT group Turla upgraded its Kazuar backdoor into a modular peer-to-peer botnet designed for stealth and persistent access to infected systems. Microsoft researchers say the malware allows attackers to maintain long-term control while making detection…
-
Russian APT Turla builds long-term access tool with Kazuar Botnet evolution
Russia-linked APT group Turla turned its Kazuar malware into a stealthy P2P botnet for long-term access to compromised systems. Russia-linked APT group Turla upgraded its Kazuar backdoor into a modular peer-to-peer botnet designed for stealth and persistent access to infected systems. Microsoft researchers say the malware allows attackers to maintain long-term control while making detection…
-
Russian APT Turla builds long-term access tool with Kazuar Botnet evolution
Russia-linked APT group Turla turned its Kazuar malware into a stealthy P2P botnet for long-term access to compromised systems. Russia-linked APT group Turla upgraded its Kazuar backdoor into a modular peer-to-peer botnet designed for stealth and persistent access to infected systems. Microsoft researchers say the malware allows attackers to maintain long-term control while making detection…
-
Russian APT Turla builds long-term access tool with Kazuar Botnet evolution
Russia-linked APT group Turla turned its Kazuar malware into a stealthy P2P botnet for long-term access to compromised systems. Russia-linked APT group Turla upgraded its Kazuar backdoor into a modular peer-to-peer botnet designed for stealth and persistent access to infected systems. Microsoft researchers say the malware allows attackers to maintain long-term control while making detection…
-
Russian hackers turn Kazuar backdoor into modular P2P botnet
The Russian hacker group Secret Blizzard has developed its long-running Kazuar backdoor into a modular peer-to-peer (P2P) botnet designed for long-term persistence, stealth, and data collection. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-hackers-turn-kazuar-backdoor-into-modular-p2p-botnet/
-
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that’s engineered for stealth and persistent access to compromised hosts. Turla, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA), is assessed to be affiliated with Center 16 of Russia’s Federal Security Service (FSB) First…
-
Microsoft Exposes Kazuar Malware’s Modular P2P Botnet Architecture
Microsoft has revealed new technical insights into Kazuar, a long-running malware linked to the Russian state-backed group Secret Blizzard, highlighting its evolution into a stealthy, modular peer-to-peer (P2P) botnet designed for persistent cyber espionage. Originally identified as a traditional backdoor, Kazuar has steadily transformed into a sophisticated ecosystem that prioritizes resilience, low visibility, and flexible…
-
A spyware investigator exposed Russian government hackers trying to hijack Signal accounts
A group of likely Russian government hackers tried to hack a security researcher who investigates spyware attacks. He was then able to turn the tables on the hackers and reveal details of their espionage campaign. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/14/a-spyware-investigator-exposed-russian-government-hackers-trying-to-hijack-signal-accounts/
-
Sandworm Hackers Shift From IT Breaches to Critical OT Targets
A new wave of cyber activity linked to the notorious Sandworm group is raising fresh alarms across global critical infrastructure. Security researchers warn that the Russian state-backed threat actor is no longer just infiltrating IT networks it is actively pivoting into operational technology (OT) environments where real-world disruption becomes possible. The findings are based on…
-
Operation HumanitarianBait Uses Fake Aid Documents to Deploy Python Spyware
Operation HumanitarianBait uses fake aid documents, GitHub-hosted payloads, and Python spyware to target Russian-speaking victims. First seen on hackread.com Jump to article: hackread.com/operation-humanitarianbait-fake-aid-docs-python-spyware/
-
The British public need to be better prepared for emergencies | Letter
Tags: attack, china, cyber, data-breach, disinformation, iran, resilience, russia, supply-chain, threat, warfare<strong>Jean Coussins</strong> says a cross-party Lords committee has been tasked with coming up with a plan to normalise resilience in our everyday livesYour editorial (<a href=”https://www.theguardian.com/commentisfree/2026/may/01/the-guardian-view-on-britains-fragile-systems-when-global-shocks-hit-your-shopping-bill”>Britain’s fragile systems: when global shocks hit your shopping bill, 1 May) makes clear that the public need to be more fully informed about global threats and actively engaged in…
-
Polish intelligence warns hackers attacked water treatment control systems
The agency did not publicly attribute the incidents to a specific group or country but said Poland faced intensified hostile cyber activity in 2024 and 2025, “with particular emphasis on the special services of the Russian Federation.” First seen on therecord.media Jump to article: therecord.media/polish-intelligence-warns-hackers-attacked-water-treatment
-
DOJ says ransomware gang tapped into Russian government databases
U.S. prosecutors said a ransomware gang fueled Russian government corruption, and allowed the gang’s leaders to avoid paying taxes and dodge the country’s military draft. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/06/doj-says-ransomware-gang-tapped-into-russian-government-databases/
-
Ransomware Gang Member Linked to Russian Cybercrime Group Sentenced to Prison
A Latvian national operating from Moscow has been sentenced to 102 months in federal prison for his role as a key negotiator within a prolific Russian ransomware network. Deniss Zolotarjovs, 35, participated in a cybercrime syndicate that orchestrated data theft and extortion campaigns against over 54 organizations worldwide between June 2021 and August 2023. The…
-
Latvian national sentenced for ransomware attacks run by former Conti leaders
Deniss Zolotarjovs was mostly tasked with putting pressure on the Russia-based crew’s victims, in one case leaking hundreds of children’s health records. First seen on cyberscoop.com Jump to article: cyberscoop.com/latvian-russia-ransomware-conti-sentenced/
-
Conti ransomware gang member sentenced to 102 months in prison
A Latvian national who was part of a major Russian ransomware organization that stole from and extorted more than 54 companies has been sentenced to 102 months in prison. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/05/usa-conti-ransomware-member-sentenced/
-
Silver Fox Uses Fake Tax Notices to Drop ValleyRAT and ABCDoor Backdoor
Silver Fox is running a tax”‘themed phishing campaign that abuses fake notices from Indian and Russian tax authorities to drop ValleyRAT and a new Python backdoor dubbed ABCDoor, using a customized RustSL loader to evade detection and enforce strict geofencing controls. The campaign shows how the group is steadily evolving from commodity RAT delivery to…
-
Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
A Latvian national extradited to the United States was sentenced to 8.5 years in prison for his “cold case” negotiator role in the Russian Karakurt ransomware group. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/karakurt-extortion-gang-negotiator-sentenced-to-85-years-in-prison/
-
Grinex Collapse Won’t Dent Russian Sanctions Busting
Cryptocurrency Exchange Traded A7A5 Token. Russian sanctions busters won’t be too fazed by the collapse of a cryptocurrency platform that facilitated billions of dollars’ worth of transactions and whose main attraction was a ruble-pegged stablecoin. Experts say transactions fueling Russia’s shadow economy and its war machine will persist. First seen on govinfosecurity.com Jump to article:…
-
Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia
More than 1,600 socially engineered messages from the China-backed advanced persistent threat (APT) group target various sectors to deliver the previously undocumented ABCDoor backdoor, ValleyRAT, and other malware. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/silver-fox-tax-themed-attacks-india-russia
-
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizations in Russia and India with a new malware called ABCDoor.The activity involved using phishing emails that mimic correspondence from the Income Tax Department of India in December 2025, followed by a similar campaign aimed at Russian entities.”Both waves…
-
Cyber spies target Russian aviation firms to steal satellite and GPS data
A cyber-espionage group has been targeting Russian government agencies and companies in the aviation industry to steal sensitive geospatial data. First seen on therecord.media Jump to article: therecord.media/russia-cyber-espionage-aviation
-
Three Arrested for Hacking Over 610,000 Roblox Accounts
Suspects accused of distributing malware and selling access to stolen Roblox accounts on Russian marketplaces First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/three-arrested-over-roblox-hacking/
-
ODNI to CISOs on threat assessments: You’re on your own
Tags: access, ai, china, ciso, computer, control, credentials, cyber, cybercrime, data, defense, detection, disinformation, encryption, finance, framework, government, healthcare, identity, infrastructure, intelligence, iran, jobs, korea, metric, resilience, risk, russia, service, strategy, technology, theft, threat, tool, warfareThe bifurcated framework: Operational reporting vs. homeland focus: The report now operates on two distinct tracks that risk narrowing the threat horizon for CROs. In a departure from traditional probabilistic forecasting, the IC has transitioned toward active operational reporting. This shift prioritizes immediate success metrics, such as a significant drop in border encounters and fentanyl…
-
Hackers arrested for stealing and reselling 600,000 Roblox accounts
Ukrainian police detained three suspects accused of hacking into Roblox accounts and reselling the data on Russian websites, with payments made in cryptocurrency. Police raid … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/30/ukraine-roblox-account-hacking-scheme/

